<?php
session_start();
require_once '../config/config.inc';
$errmsg=array();
$errflag=false;
$connect=mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$connect){
die("field to connect Database".mysql_error());	
}
$sel=mysql_select_db(DB_DATABASE);

if(!$sel){
	die("unable to select Database".mysql_error());
}
function clean($str){
if(get_magic_quotes_gpc()){
$str=stripcslashes($str);
}	
	
	return mysql_real_escape_string($str);
}
if(isset($_POST['submit'])) {
$fname=clean($_POST['fname']);
$email=clean($_POST['email']);
$pass=clean($_POST['pass']);
$repass=clean($_POST['repass']);
$photo=$_FILES['photo']['name'];
if($fname==''){
$errmsg[]='First Name is Missing';
$errflag=true;	
}
if($email==''){
$errmsg[]='Email Address is Missing';
$errflag=true;	
}
if($pass==''){
$errmsg[]='Password is Missing';
$errflag=true;	
}

if(strcmp($pass,$repass)!=0){
$errmsg[]='You password does not match please attention to ';
$errflag=true;	
}
if ($email!=''){
	$qry=mysql_query("Select * from user where email='$email'");
	if(mysql_num_rows($qry)==1){
		$errmsg[]="Email Alredy exist try with new email";
		$errflag=true;
	}

	
}


if($errflag){
$_SESSION['ERROR_MSG']=$errmsg;
session_write_close();
header("Location: ../sign-up.php");
exit();	
}

$pass = md5($pass);



mysql_query ( 'SET NAMES utf8' );
mysql_query ( 'SET CHARACTER_SET utf8' );

$path = "../assets/img/users/";

$valid_formats = array ("jpg","png","gif","bmp","JPG","PNG","GIF","BMP");
		
// if(isset($_POST) and $_SERVER['REQUEST_METHOD'] == "POST")
// {
$name = $_FILES ['photo'] ['name'];
$size = $_FILES ['photo'] ['size'];

if (strlen ( $name )) {
	$r = 1;
	list ( $txt, $ext ) = explode ( ".", $name );
	if (in_array ( $ext, $valid_formats )) {
		$r = 2;
		if ($size < (1024*1024*5)) {
			$r = 3;
			
			$actual_image_name = time () . substr ( str_replace ( " ", "_", $txt ), 5 ) . "." . $ext;
			$tmp = $_FILES ['photo'] ['tmp_name'];
			
			$r = 4;
			// Random confirmation code 
			$key=md5(uniqid(rand()));
			// mysql_query("INSERT INTO users image value('$actual_image_name') ");
			$insert = mysql_query ("INSERT INTO `temp_user` VALUES(null,'$fname','$email','$pass','$actual_image_name','$key')");
			if ($insert) {
				$moveFile = move_uploaded_file ( $tmp, $path . $actual_image_name );
				if($moveFile){
					$to=$email;
					$subject="Confirmation link for event Afghanistan";
					$header="From:Technation:<eventaf@technation.af>";
					$message="your confirmation link";
					$message.="click here to activate your account";
					$message.="http://www.event-af.com/execute/confirmation.php?key='$key'";
					$sentmail=mail($to, $subject, $message,$header);				
				 if(!$sentmail){
				     echo mysql_error();
				
				}else{
					$errmsg[]="You have successfully signed up, please check for confirmation email.";
					$_SESSION['ERROR_MSG']=$errmsg;
                     session_write_close();
					header('Location: ../login.php');
				}
				
				}else {
					echo "NOT MOVED".mysql_error();
				}
			
			}
			else {
				echo "failed2".mysql_error();
				$r = 77;
			}
		} else {
			echo "Image file size max 1 MB";
			$r = 88;
		}
	} else {
		echo "Invalid file format..";
		$r = 99;
	}
} 

else {
	echo "Please select an image.";
}




}




else{
	echo"The submit button is not submited";
}


?>